Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/X-TzKvTDQKdfwXTGmw1JBN0P_AM.roa
File: X-TzKvTDQKdfwXTGmw1JBN0P_AM.roa (raw, json)
Hash identifier: SvdhPuhJxAy/YcJ5vTJfO0BbEKi7SM6AfkVdt3XvPkk=
Subject key identifier: 5F:E4:F3:2A:F4:C3:40:A7:5F:C1:74:C6:9B:0D:49:04:DD:0F:FC:03
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0188FE69A81BC681A68896A6DB8B7AF3223C
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/X-TzKvTDQKdfwXTGmw1JBN0P_AM.roa
Signing time: Tue 27 Jun 2023 19:51:57 +0000
ROA not before: Tue 27 Jun 2023 19:51:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34358
IP address blocks: 85.121.136.0/23 maxlen: 23
217.156.44.0/23 maxlen: 23
85.120.35.0/24 maxlen: 24
81.180.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Jun 2023 11:23:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fe:69:a8:1b:c6:81:a6:88:96:a6:db:8b:7a:f3:22:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jun 27 19:51:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fe4f32af4c340a75fc174c69b0d4904dd0ffc03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:53:d3:84:4f:9b:40:de:46:29:e1:f9:0d:8f:
06:5d:e9:47:5a:01:77:d2:88:e0:6a:07:06:2b:55:
1f:b4:a4:e3:98:96:8c:72:8a:0c:ae:13:b4:c9:fa:
79:5d:b5:87:f4:f0:22:bc:1e:d4:8f:cc:6d:f2:73:
b8:2f:93:66:76:79:d6:62:b0:31:88:ff:c4:05:32:
03:d0:00:8f:1c:3c:52:78:b2:5d:f2:cc:2e:a7:e2:
f8:ab:45:1e:1c:86:69:d4:0f:65:1e:7d:0c:15:c8:
6d:b3:99:0b:f0:28:48:0a:50:c1:74:e6:87:72:6a:
73:83:72:38:02:2a:22:9f:e5:0b:8b:6c:b7:63:ef:
61:f9:19:37:92:c2:48:85:85:57:95:d6:ce:4e:5d:
8e:49:c7:b6:b8:42:a5:c3:ad:06:07:e4:7c:06:7a:
6b:b7:22:40:e7:1c:b7:fe:9d:29:09:0c:d8:60:eb:
42:8e:55:93:70:61:a1:85:25:48:9f:65:43:96:10:
e7:d8:47:6f:54:f3:69:91:3b:54:d0:94:6a:66:0a:
d2:87:be:3b:72:9a:3e:ff:93:10:7d:9d:a1:b8:ab:
e2:1f:0f:c7:2e:62:7a:56:ef:42:bf:2f:f3:6f:1b:
81:46:5b:18:42:97:af:f9:3d:54:10:8c:70:7f:c8:
77:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E4:F3:2A:F4:C3:40:A7:5F:C1:74:C6:9B:0D:49:04:DD:0F:FC:03
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/X-TzKvTDQKdfwXTGmw1JBN0P_AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.180.200.0/24
85.120.35.0/24
85.121.136.0/23
217.156.44.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:65:9a:d5:fa:5e:34:4e:8b:5a:06:11:6d:58:d0:7b:d7:38:
31:74:65:93:95:e8:76:fd:7f:82:6d:c4:00:e8:d7:4a:a3:a1:
c4:9f:c6:43:b1:3a:2b:c7:86:58:88:74:cc:e6:9f:83:bd:03:
17:a3:c2:c3:69:a0:9a:ef:b1:a9:66:c6:49:5d:7e:c2:51:0d:
54:6e:46:bc:43:22:68:63:90:a6:56:9f:8b:97:34:0c:8f:f5:
f3:27:b6:44:a9:3f:11:71:b0:a6:34:ea:69:cb:df:63:f5:d2:
aa:be:cf:01:b3:f6:4c:25:95:cd:c3:5e:be:5f:19:a8:7a:ca:
7c:ae:36:a8:e0:20:ac:4c:ef:63:dd:41:7a:3e:15:62:28:4b:
3e:db:56:59:07:7d:30:0a:10:27:9a:b6:21:e2:00:bf:c5:cb:
1b:43:53:18:d3:ab:d3:36:73:fb:b0:56:4d:4f:ac:31:21:a0:
1d:99:73:1b:ab:f9:2a:49:5a:8c:c8:be:93:cc:1e:fe:89:1d:
47:7f:77:32:a9:77:92:a7:cf:d4:3c:1b:f2:23:6d:bd:3e:11:
66:95:2d:ce:c5:0f:60:ab:92:d2:16:93:04:64:6a:37:f8:e3:
29:16:5a:67:e9:82:cb:04:69:27:85:a5:c3:26:09:2e:47:19:
7d:d4:30:90
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYj+aagbxoGmiJam24t68yI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwNjI3MTk1MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU0ZjMyYWY0YzM0MGE3NWZjMTc0YzY5YjBkNDkwNGRkMGZmYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFPThE+bQN5GKeH5DY8GXelHWgF3
0ojgagcGK1UftKTjmJaMcooMrhO0yfp5XbWH9PAivB7Uj8xt8nO4L5NmdnnWYrAx
iP/EBTID0ACPHDxSeLJd8swup+L4q0UeHIZp1A9lHn0MFchts5kL8ChIClDBdOaH
cmpzg3I4Aioin+ULi2y3Y+9h+Rk3ksJIhYVXldbOTl2OSce2uEKlw60GB+R8Bnpr
tyJA5xy3/p0pCQzYYOtCjlWTcGGhhSVIn2VDlhDn2EdvVPNpkTtU0JRqZgrSh747
cpo+/5MQfZ2huKviHw/HLmJ6Vu9Cvy/zbxuBRlsYQpev+T1UEIxwf8h3xQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF/k8yr0w0CnX8F0xpsNSQTdD/wDMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvWC1Uekt2VERRS2Rmd1hUR213MUpCTjBQX0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUbTIAwQA
VXgjAwQBVXmIAwQB2ZwsMA0GCSqGSIb3DQEBCwUAA4IBAQBLZZrV+l40TotaBhFt
WNB71zgxdGWTleh2/X+CbcQA6NdKo6HEn8ZDsTorx4ZYiHTM5p+DvQMXo8LDaaCa
77GpZsZJXX7CUQ1Ubka8QyJoY5CmVp+LlzQMj/XzJ7ZEqT8RcbCmNOppy99j9dKq
vs8Bs/ZMJZXNw16+Xxmoesp8rjao4CCsTO9j3UF6PhViKEs+21ZZB30wChAnmrYh
4gC/xcsbQ1MY06vTNnP7sFZNT6wxIaAdmXMbq/kqSVqMyL6TzB7+iR1Hf3cyqXeS
p8/UPBvyI229PhFmlS3OxQ9gq5LSFpMEZGo3+OMpFlpn6YLLBGknhaXDJgkuRxl9
1DCQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org